Tip of the Hat, Wag of the Finger: Apple Controversy Edition

Thursday, 2006-08-17; 17:21:00

Falsified MacBook Wi-Fi hack claims, Apple's report on iPod factory conditions, unsubstantiated reports of Apple closing the Mac OS X kernel, Leopard screenshots

Wag of the Finger: To, first and foremost, Brian Krebs, but also to Jon Ellch and David Maynor. Krebs is the guy that sparked a firestorm of controversy in the Mac community regarding vulnerable MacBook Wi-Fi drivers. In his article, Brian Krebs opens his damning, Tom Yager-esque treatise by saying:

If you want to grab the attention of a roomful of hackers, one sure fire way to do it is to show them a new method for remotely circumventing the security of an Apple Macbook computer to seize total control over the machine. That's exactly what hackers Jon "Johnny Cache" Ellch and David Maynor plan to show today in their Black Hat presentation on hacking the low-level computer code that powers many internal and external wireless cards on the market today.

That came out on August 2. Jon Ellch and David Maynor, two presenters at the Black Hat security conference, were the ones who demonstrated the hack to the audience -- whereby 'demonstrated' I actually mean 'presented a pre-cooked tape recording of them supposedly demonstrating this exploit'. And as a slight to the Mac community, "the presenters said they ultimately decided to run the demo against a Mac due to what Maynor called the 'Mac user base aura of smugness on security'", even though similar flaws were present in other device drivers.

Well, a couple eagle-eyed writers took issue with, first, the quality of the reporting, and second, the actual video of the exploit itself. From Daring Fireball:

Krebs’s shoddy reporting leaves nearly all the important questions regarding this exploit unanswered. What about other models? Are MacBook Pros exploitable as well? PowerBooks? iBooks? Desktop Macs that use AirPort? Is a Mac vulnerable in its default out-of-the-box configuration? For example, by default, Mac OS X is configured to ask for confirmation before joining an unknown open Wi-Fi network. Does this exploit require that this setting (in the Network panel in System Preferences) be changed to allow joining unknown open networks automatically? Are any other changes to the default networking configuration required to allow this exploit to work? Is there anything Mac users can do to protect themselves other than completely disabling AirPort?

Gruber actually aired these misgivings after Krebs had posted a follow-up to his original article, in which he says he "stands by his reporting". Note that Krebs reported that the video shows the flaw being demonstrated in a third-party wireless card, not in the default MacBook driver. But he chose to take on faith the fact that the flaw exists in the MacBook driver. Doesn't sound like quality reporting to me.

And then there's the issue of the hack itself. Quoth Jim Thompson (actually via the Daring Fireball Linked List):

The claim that the victim PC doesn't have to be "associated" or "doing anything special" is a head fake. While true, it serves to mystify and cloak what is really happening. Ellch & Maynor didn't present a paper titled, "we can create a covert channel by having control of the software on both sides of a communication link", because it is trivial to do so. (Avoiding detection when using a covert channel is a much more difficult problem.) Instead they performed the software equivalent of a "parlor trick", and in the tradition of shysters and con-men everywhere, colored the discussion so people would be mystified, perplexed and think that there was some new exploit buried deep in the 802.11 protocol, when, point-in-fact, there is not.

Well, we all know how the issue of security on the Mac tends to cause some people to get twisted the wrong way, especially when anybody suggests that Mac OS X is inherently more secure than Windows by design, and not by market share percentages. (Not to say that the Mac is totally invulnerable, but the number of exploits on the Mac -- i.e.: zero -- in my opinion, speaks for itself. Note that lame-ass trojans that require manual execution by a user to spread to other machines does not qualify. Neither do "rm -rf /" scripts disguised as a beta version of the next version of Microsoft Office count either.) *shock* *gasp* *awe* An exploit! On the Mac! OMG the sky is falling!

Well, the thing kind of died down in the days following. Until today.

Turns out, it was all a flat-out lie. Straight from the horse's mouth: the MacBook's AirPort driver does not have the flaw. Let's recap: the video is shown on a MacBook -- which wasn't necessary to produce the exploit, since any Windows machine would have done; the video is shown using a third-party wireless card -- not the MacBook's internal AirPort card; the video is shown using a third-party wireless driver -- not the MacBook's AirPort card driver. How is this an Apple problem again?

Oh, by the way? The website for SecureWorks has been "updated since the demonstration to reflect that" it used a third-party driver, not the one shipping with MacBooks. Make of that what you will, but I know what I'm thinking.

You know the whole irony of this thing? This'll make all the "MacMacs" smugger, not less smug.

Tip of the Hat: To Apple, regarding reports of poor working and living conditions in some of the factories that make iPods. (Note: the original article from Mail on Sunday regarding bad conditions is not available online.) Apple said it was investigating, and it has now issued a report: one surprisingly filled with details. They found some violations of Apple's "Code of Conduct", but nothing serious, and changes to the factory's policies have already, supposedly, been implemented.

Again, yet another way in which the press has overblown some "alleged reports" against Apple. But of course, seedy rumor sites are always accurate!

Wag of the Finger: Well, I covered this earlier, but in light of "Krebsgate", I figured I would put this in too. This one goes out to Tom Yager, who penned two articles regarding the fact that the version of the Darwin kernel that ran on Intel-based Macs was no longer open source. (While Yager never gave any specific examples, I read on a discussion board that the Virginia Tech supercomputer that was composed of PowerMac G5s and then later Xserve G5s used a custom kernel derived from the PowerPC Darwin kernel source to improve memory performance. Not sure how accurate that is, though.)

Well, again, straight from the horse's mouth, the Intel Darwin kernel is open-sourced again, when previously it was "in flux", at least according to Tom Yager.

What I find amusing is the fact that Yager's first article was entitled "Apple closes down OS X", which, like the MacBook controversy, is an inflammatory and sensationalist headline. Fundamentally, Mac OS X has always been a closed-source operating system; only the kernel, and many of the UNIX utilities that are included with the default installation are open-source. But that does not an open source operating system make. Almost all of the rest of Mac OS X, like Quartz, QuickTime, and all of the Apple-created applications that ship with the operating system are all closed source. (Obviously, projects hosted at the newly created Mac OS Forge site -- including Bonjour, Launchd, and WebKit -- are strikingly open-source, but these are relatively minor things in the whole operating system.)

So no, Apple did not close down Mac OS X -- it's always been that way. And Yager had no inside information or any confirmation about the fact that the kernel was now closed.

To his credit, Yager has thanked Apple for "re-opening" the kernel source. I'm waiting for a straight-out apology from Krebs, though.

Tip of the Hat: Leopard Finder. While there is no word on whether the Finder is completely redesigned in Leopard or whether or not servers still bring it to a screeching halt, leaked screenshots show some minor new features in the Finder that will be sure to solve some of the most annoying problems in the Finder.

The first series of screenshots comes from MacRumors, showing the view options for the Desktop. The winning feature? Grid spacing that's independent from label text size. And then over at Impulsive Highlighters come another string of images which includes another shot of the view options inspector window. The winning feature? Gone are the ridiculously annoying "All Windows" and "This Window" radio buttons, and in comes a "Use as Defaults" button. (In some sense, this is more of a bug fix rather than a new feature -- the settings that you use for "All Windows" should be the default settings, anyway! But this often turns out not to be the case. Let's hope that the new defaults button is consistent.)

Those two links contain a plethora of screenshots of Leopard, showing many of the minor details. In particular, I really like how Safari has gained warnings on when you have unsaved text written in a web field (a big time-saving feature, I would imagine) as well as when you have multiple tabs or windows open. The new Firefox-esque searching (instead of the System 7-esque Find Again-style searching) is also much appreciated. Of course, I'm running OmniWeb a lot again now, but maybe Safari 3.0 will lure me back. Also spotlighted (forgive the pun), specifically at Impulsive Highlighters, is a makeover of Preview. (Blah blah blah, ugly Mail lozenge buttons, blah blah blah. I don't want to hear it.) Come on Apple, just make Preview into a Photoshop competitor. Or at least make a product called Preview Pro or something.

Generated Colbert On Notice Board

Technological Supernova   Intarweb   Older   Newer   Post a Comment